Add support for the dracut(8) system for generating initramfs image files; dracut is an alternative to the "initramfs-tools" package.
* .bzrignore (dracut-module/password-agent): Ignore new binary file. * dracut-module: New directory for the dracut module. * INSTALL (Prerequisites/Libraries/Mandos Client): Add dracut as an alternative to initramfs-tools, and also add GLib. * Makefile (DRACUTMODULE, GLIB_CFLAGS, GLIB_LIBS): New. (CPROGS): Add "dracut-module/password-agent". (DOCS): Add "dracut-module/password-agent.8mandos". (dracut-module/password-agent.8mandos): New. (dracut-module/password-agent.8mandos.xhtml): - '' - (dracut-module/password-agent): - '' - (check): Add command to run tests of password-agent(8mandos). (install-client-nokey): Also install the dracut module directory, its files, and the password-agent(8mandos) manual page. (install-client): To update the initramfs image file, run update-initramfs or dracut depending on what is installed. (uninstall-client): - '' - and also uninstall the the files in the dracut module directory, that directory itself, and the password-agent(8mandos) manual page. * debian/control (Build-Depends): Add "libglib2.0-dev (>=2.40)". (Package: mandos-client/Depends): Add "dracut (>= 044+241-3)" as an alternative dependency to initramfs-tools. (Package: mandos-client/Conflicts): New; set to "dracut-config-generic". (debian/mandos-client.README.Debian): Document alternative commands to update the initramfs image for when dracut is used. * debian/mandos-client.postinst (update_initramfs): Use alternative commands to update the initramfs image for when dracut is used. * debian/tests/control (password-agent, password-agent-suid): Add two new tests. * dracut-module/ask-password-mandos.path: New. * dracut-module/ask-password-mandos.service: - '' - * dracut-module/cmdline-mandos.sh: - '' - * dracut-module/module-setup.sh: - '' - * dracut-module/password-agent.c: - '' - * dracut-module/password-agent.xml: - '' - * initramfs-unpack: Use the dracut "skipcpio" command, if available. Also be more flexible and try hard to detect where compressed data starts. * plugins.d/mandos-client.xml (SECURITY): Be more precise that the mandos-client binary might not always be setuid, but that the program assumes that it has been started that way. * plugins.d/password-prompt.c: Add new "--prompt" option. (conflict_detection): First try to detect the new PID file of plymouth. (main): Define and use new "prompt" variable. * plugins.d/password-prompt.xml (SYNOPSIS): Show new --prompt option. (DESCRIPTION): Describe new behavior of looking for plymouth PID file. (OPTIONS): Document new "--prompt" option. (ENVIRONMENT): Clarify that the CRYPTTAB_SOURCE and CRYPTTAB_NAME environment variables are not used if the --prompt option is used. Remove unnecessarily specific details about where the CRYPTTAB_SOURCE and CRYPTTAB_NAME comes from, since this can now be either initramfs-tools or dracut. (SEE ALSO): Remove superfluous crypttab(5) reference, and add commas to separate the other references. * plugins.d/plymouth.c: Add new "--prompt" and "--debug" options. (debug): New global flag. (fprintf_plus): New function, used for debug output. (exec_and_wait): Add extra "const" to "argv" argument. (main): Define and use new "prompt" variable. Add debug output. (main/options, main/parse_opt): New; used to parse options. * plugins.d/plymouth.xml (SYNOPSIS): Show new options. (OPTIONS): Document new options. (ENVIRONMENT): Clarify that the cryptsource and crypttarget environment variables are not used if the --prompt option is used. Remove unnecessarily specific details about where the cryptsource and crypttarget comes from, since this can now be either initramfs-tools or dracut. (EXAMPLE): Add an example using an option. (SEE ALSO): Remove superfluous crypttab(5) reference. * plugins.d/splashy.xml (ENVIRONMENT): Clarify that the cryptsource and crypttarget environment variables are not used if the --prompt option is used. Remove unnecessarily specific details about where the cryptsource and crypttarget comes from, since this can now be either initramfs-tools or dracut. (SEE ALSO): Remove superfluous crypttab(5) reference. * plugins.d/usplash.xml (ENVIRONMENT): Clarify that the cryptsource and crypttarget environment variables are not used if the --prompt option is used. Remove unnecessarily specific details about where the cryptsource and crypttarget comes from, since this can now be either initramfs-tools or dracut. (SEE ALSO): Remove superfluous crypttab(5) reference.
if ! dpkg-statoverride --list "/var/lib/mandos" >/dev/null \
54
2>&1; then
55
chown _mandos:_mandos /var/lib/mandos
56
chmod u=rwx,go= /var/lib/mandos
57
fi
58
59
if dpkg --compare-versions "$2" eq "1.8.0-1" \
60
|| dpkg --compare-versions "$2" eq "1.8.0-1~bpo9+1"; then
61
if grep --quiet --regexp='^[[:space:]]*key_id[[:space:]]*=[[:space:]]*[Ee]3[Bb]0[Cc]44298[Ff][Cc]1[Cc]149[Aa][Ff][Bb][Ff]4[Cc]8996[Ff][Bb]92427[Aa][Ee]41[Ee]4649[Bb]934[Cc][Aa]495991[Bb]7852[Bb]855[[:space:]]*$' /etc/mandos/clients.conf; then